[Jifty-commit] r4339 - in jifty/trunk: . lib/Jifty/Plugin/OAuth
lib/Jifty/Plugin/OAuth/Action
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Tue Oct 30 18:35:15 EDT 2007
Author: sartak
Date: Tue Oct 30 18:35:14 2007
New Revision: 4339
Modified:
jifty/trunk/ (props changed)
jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
Log:
r44443 at onn: sartak | 2007-10-30 18:34:06 -0400
More tests, start implementing callbacks, but failing :)
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm Tue Oct 30 18:35:14 2007
@@ -21,6 +21,9 @@
param 'authorize',
valid_values are qw(allow deny);
+ param 'callback',
+ render as 'hidden';
+
};
=head2 validate_token
@@ -63,6 +66,10 @@
token => $self->argument_value('token'),
);
+ $self->result->content(token_obj => $token);
+ $self->result->content(token => $token->token);
+ $self->result->content(callback => $self->argument_value('callback'));
+
if ($self->argument_value('authorize') eq 'allow') {
$token->set_authorized('t');
$self->result->message("Allowing " . $token->consumer->name . " to access your stuff.");
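Review bot: The `callback` stored in the result on the third added line is taken straight from `argument_value('callback')`, a hidden form field that round-trips through the browser, and nothing visible here checks it before the `oauth/authorized` template in View.pm turns it into a link with the request token appended. A `validate_callback` method next to the existing `validate_token` could reject anything that is not an absolute http(s) URL, for example `return $self->validation_error(callback => 'Callback must be an http or https URL') if defined $cb && length $cb && $cb !~ m{\Ahttps?://}i;`. Where the consumer has a registered `url`, it could also compare the host against it. The same unchecked value flows through the `param 'callback'` hunk above, the Dispatcher's `set callback`, and the `hidden(callback => ...)` line in View.pm. The enclosing method starts and ends outside this hunk, so an existing check elsewhere in it cannot be ruled out.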
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm Tue Oct 30 18:35:14 2007
@@ -94,7 +94,7 @@
set no_abort => 1;
my %oauth_params = get_parameters(@params);
- set next => $oauth_params{callback};
+ set callback => $oauth_params{callback};
set consumer => 'Some application';
del 'token';
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm Tue Oct 30 18:35:14 2007
@@ -103,7 +103,10 @@
class => 'AuthorizeRequestToken',
);
- Jifty->web->form->start( call => get 'next' );
+ Jifty->web->form->start();
+ Jifty->web->form->next_page(url => "/oauth/authorized");
+
+ outs $authorize->hidden(callback => get 'callback');
# if the site put the token in the request, then use it
# otherwise, prompt the user for it
@@ -129,6 +132,44 @@
Jifty->web->form->end();
};
+=head2 oauth/authorized
+
+Displayed after the user authorizes or denies a request token. Uses a link
+to the callback if provided, otherwise the site's URL.
+
+=cut
+
+template 'oauth/authorized' => page { title => 'XXX' }
+content {
+ my $result = Jifty->web->response->result('authorize_request_token');
+ my $callback = $result->content('callback');
+ my $token = $result->content('token');
+ my $token_obj = $result->content('token_obj');
+
+ $callback ||= $token_obj->consumer->url;
+
+ if (!$callback) {
+ p { "Oops! " . $token_obj->consumer->name . " didn't tell us how to get you back to their service. If you do find your way back, you'll probably need this token: " . $token };
+ }
+ else {
+ $callback .= ($callback =~ /\?/ ? '&' : '?')
+ . 'oauth_token='
+ . $token;
+ set consumer => $token_obj->consumer;
+
+ p {
+ outs 'To return to ';
+ show 'oauth/consumer';
+ outs ', ';
+ hyperlink(
+ label => 'click here',
+ url => $callback,
+ );
+ outs '.';
+ };
+ }
+};
+
=head2 oauth/help
This provides a very, very layman description of OAuth for users
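Review bot: The new `oauth/authorized` template calls `$result->content(...)` and `$token_obj->consumer` with no check that either exists, so a direct request to `/oauth/authorized`, or one made after the action failed validation, would presumably die on an undefined value rather than render a page. A guard at the top such as `return unless $result and $result->content('token_obj');` (or a redirect back to the authorize page) would cover it. The token is also concatenated into `$callback` without URI-escaping, and a callback that carries a `#fragment` would end up with `oauth_token` inside the fragment. The `title => 'XXX'` placeholder should get a real title before release.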
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t Tue Oct 30 18:35:14 2007
@@ -8,7 +8,7 @@
use TestApp::Plugin::OAuth::Test;
if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
- plan tests => 33;
+ plan tests => 40;
}
else {
plan skip_all => "Net::OAuth isn't installed";
@@ -27,7 +27,7 @@
my ($ok, $msg) = $consumer->create(
consumer_key => 'foo',
secret => 'bar',
- name => 'FooBar industries',
+ name => 'FooBar Industries',
url => 'http://foo.bar.example.com',
rsa_key => $pubkey,
);
@@ -158,3 +158,85 @@
}
# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a request parameter {{{
+$mech->get_ok('/oauth/authorize?oauth_token=' . $token_obj->token);
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# allow it with a request parameter {{{
+$mech->get_ok('/oauth/authorize?oauth_token=' . $token_obj->token);
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Allow');
+
+$mech->content_contains("Allowing FooBar Industries to access your stuff");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a callback {{{
+$mech->get_ok('/oauth/authorize?oauth_callback=http%3A%2f%2fgoogle.com');
+$mech->content_like(qr/If you trust this application/);
+
+$mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::AuthorizeRequestToken'), token => $token_obj->token);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+$mech->content_contains("Click here");
+$mech->content_contains("http://google.com?oauth_token=" . $token_obj->token);
+$mech->content_contains("to return to FooBar Industries");
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# deny it with a callback + request params {{{
+$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2f%2fgoogle.com%3ffoo%3d=bar');
+$mech->content_like(qr/If you trust this application/);
+$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
+
+$mech->form_number(1);
+$mech->click_button(value => 'Deny');
+
+$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+$mech->content_contains("Click here");
+$mech->content_contains("http://google.com?foo=bar&oauth_token=" . $token_obj->token);
+$mech->content_contains("to return to FooBar Industries");
+# }}}
+
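Review bot: The last case requests `oauth_callback=http%3A%2f%2fgoogle.com%3ffoo%3d=bar`, which decodes to `http://google.com?foo==bar` because `%3d` is followed by a literal `=`, yet the assertion expects `http://google.com?foo=bar&oauth_token=...`. Dropping the stray `=` so the parameter ends in `%3ffoo%3dbar` would fix it. Both callback cases also assert `"Click here"` and `"to return to FooBar Industries"`, while the template added in View.pm emits `To return to`, then the consumer, then `click here`, so these look unable to match if `content_contains` compares case-sensitively. No case covers a callback that should be refused (a non-HTTP scheme, or a host unrelated to the consumer's registered `url`); adding one would pin down the validation the authorize flow needs.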